package com.cory.utils.security;

import java.security.GeneralSecurityException;
import java.security.Key;
import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;
import com.cory.utils.lang.ExceptionUtils;
  
/**
 * PBE安全编码组件
 */
public abstract class PBECoder {
    /**
     * 支持以下任意一种算法
     * 
     * <pre>
     * PBEWithMD5AndDES 
     * PBEWithMD5AndTripleDES 
     * PBEWithSHA1AndDESede
     * PBEWithSHA1AndRC2_40
     * </pre>
     */
    public static final String ALGORITHM = "PBEWITHMD5andDES";
  
    /**
     * 盐初始化
     * 
     * @return
     */
    public static byte[] initSalt() {
    	SecureRandom random=new SecureRandom();
        return random.generateSeed(8);
    }
  
    /**
     * 转换密钥
     * 
     * @param password
     * @return
     * @throws GeneralSecurityException
     */
    private static Key toKey(String password) throws GeneralSecurityException {
        PBEKeySpec keySpec = new PBEKeySpec(password.toCharArray());
        SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(ALGORITHM);
        SecretKey secretKey = keyFactory.generateSecret(keySpec);
  
        return secretKey;
    }
  
    /**
     * 加密
     * 
     * @param data 数据
     * @param password 密码
     * @param salt 盐
     * @return
     */
    public static byte[] encrypt(byte[] data, String password, byte[] salt) {
    	try{
	        Key key = toKey(password);
	  
	        PBEParameterSpec paramSpec = new PBEParameterSpec(salt, 100);
	        Cipher cipher = Cipher.getInstance(ALGORITHM);
	        cipher.init(Cipher.ENCRYPT_MODE, key, paramSpec);
	  
	        return cipher.doFinal(data);
    	} catch (GeneralSecurityException e) {
			throw ExceptionUtils.unchecked(e);
		}
    }
  
    /**
     * 解密
     * 
     * @param data 数据
     * @param password 密码
     * @param salt 盐
     * @return
     */
    public static byte[] decrypt(byte[] data, String password, byte[] salt) {
    	try{
	        Key key = toKey(password);
	  
	        PBEParameterSpec paramSpec = new PBEParameterSpec(salt, 100);
	        Cipher cipher = Cipher.getInstance(ALGORITHM);
	        cipher.init(Cipher.DECRYPT_MODE, key, paramSpec);
	  
	        return cipher.doFinal(data);
    	} catch (GeneralSecurityException e) {
			throw ExceptionUtils.unchecked(e);
		}
    }
    
}
